Week 6 In Review – 2011

Week 6 In Review – 2011

Events Related

ShmooCon CTF 2011 Ghost In the Shellcode – ghostintheshellcode.com
Congratulations to ppp for winning the second GitS CTF! The game board as it was when the contest ended is now live, though answers are not accepted, nor are any of the exploitable services running.

Just like the real thing – blog.uncommonsensesecurity.comThe goal is to build a truly “enterprise class” network, and they pull it off every year.

RSA 2011
Last year we produced a pretty detailed Guide to the Conference and it was well received, so – gluttons for punishment that we are – we’re doing it again

ShmooCon 2011 Debriefing – blog.fortinet.com
First, just like in BlackHat DC 2011, this year’s conference had several talks on smart phones. Good news! I was however slightly surprised they all concerned Android.

PDF Exploit Disguised As A Xerox Scanned Document – labs.m86security.com
Most office network printers and scanners have a feature that sends scanned documents over email. Cyber crooks however, have imitated email templates used by these devices for malicious purposes

MetaSploit Framework 3.5.2 Released – blog.metasploit.com
On February 1st, Eduardo Prado of Secumania notified us of a privilege escalation vulnerability on multi-user Windows installations of the Metasploit Framework.

Open SCAP v0.6.8 released – open-scap.org
The OpenSCAP Project was created to provide an open-source frameworkto the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.

SSL Diagnosis v0.8.1a released – sourceforge.netSSL Diagnos is used to get information about SSL usage (protocols ssl2, ssl3, tls, dtls, and ciphers). It can also be used for testing and rating ciphers on SSL clients.

Passwords shared between rootkit.com and gawker – terminal23.net
This is a classic journo case of an editor-sensationalized title for an article that doesn’t really get reasonable until the last two paragraphs where it kinda puts the brakes on calling password reuse “endemic.”

UPDATE: Nmap 5.51! – nmap.org
Wow! In about two weeks time, another Nmap release! We now have Nmap version 5.51! The last release was Nmap 5.50, which we wrote about here.

UPDATE: Fiddler v2.3.2.3! – fiddler2.comOur first post regarding Fiddler, the web debugger can be found here. On the 13th of February, an update was released.

Techniques

A Python Domains Extractor From IPs – blog.kaffenews.com
I developed it in 5 mins just because I had to do a PT on a list of IP Addresses and it was needed to get the Domains from IPs.

TrueCrypt
After I read the documentation and some reviews I realize that it is a very secure piece of software that implements many high level features so I knew I will not be easy, at least in theory.

Breaking web security – it’s all about RCS – net-ninja.net
I will be discusing ways in which we can include error handling, anonymimity and how we can build the exploit so that the auditor has a reliable and flexible weapon.

Adobepatch
Adobe released updates for Reader for 9.4.2 and 10.0.1. While this page on Adobe’s site doesn’t actually list them correctly, if you drill down into the actual product and OS, you’ll see the updates listed for 2/8/2011.

Rootkit.com’s MySQL database leaked – stfu.cc
Come on, I know it’s /r/netsec, so we should be familiar with checking URLs before clicking, but I’d expect at least a warning before clicking a direct download of a company’s database.

Hatfields and McCoys 2011 Style – 1raindrop.typepad.com
By itself its an derisive, throw away comment that security people make about developers all the time, and of course developers are not averse to throwing haymakers back at security people.

Secret Plan To Kill WikiLeaks With FUD Leaked – wikileaks.ch
Three information security consultancies with links to US spy agencies cooked up a dirty tricks campaign late last year to destroy Wikileaks by exploiting its perceived weaknesses.

Night Dragon attacks: myth or reality – nakedsecurity.sophos.com
Many readers will have seen the press around a series of hacking attacks that have been labelled the ‘Operation Night Dragon’ attacks by McAfee.

Leave A Comment

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.